package com.amazonaws.http.apache.client.impl;

import com.amazonaws.SDKGlobalConfiguration;
import com.amazonaws.http.AmazonHttpClient;
import com.amazonaws.http.DelegatingDnsResolver;
import com.amazonaws.http.client.ConnectionManagerFactory;
import com.amazonaws.http.conn.ssl.SdkTLSSocketFactory;
import com.amazonaws.http.settings.HttpClientSettings;
import com.amazonaws.internal.SdkSSLContext;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.HttpHost;
import org.apache.http.config.ConnectionConfig;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.config.SocketConfig;
import org.apache.http.conn.HttpClientConnectionManager;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.socket.LayeredConnectionSocketFactory;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.conn.DefaultSchemePortResolver;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.protocol.HttpContext;

/* loaded from: input_file:com/amazonaws/http/apache/client/impl/ApacheConnectionManagerFactory.class */
public class ApacheConnectionManagerFactory implements ConnectionManagerFactory<HttpClientConnectionManager> {
    private final Log LOG = LogFactory.getLog(AmazonHttpClient.class);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/amazonaws/http/apache/client/impl/ApacheConnectionManagerFactory$TrustingSocketFactory.class */
    public static class TrustingSocketFactory implements LayeredConnectionSocketFactory {
        private SSLContext sslcontext;

        private TrustingSocketFactory() {
            this.sslcontext = null;
        }

        private static SSLContext createSSLContext() throws IOException {
            try {
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(null, new TrustManager[]{new TrustingX509TrustManager()}, null);
                return sSLContext;
            } catch (Exception e) {
                throw new IOException(e.getMessage(), e);
            }
        }

        @Override // org.apache.http.conn.socket.LayeredConnectionSocketFactory
        public Socket createLayeredSocket(Socket socket, String str, int i, HttpContext httpContext) throws IOException, UnknownHostException {
            return getSSLContext().getSocketFactory().createSocket(socket, str, i, true);
        }

        @Override // org.apache.http.conn.socket.ConnectionSocketFactory
        public Socket createSocket(HttpContext httpContext) throws IOException {
            return getSSLContext().getSocketFactory().createSocket();
        }

        @Override // org.apache.http.conn.socket.ConnectionSocketFactory
        public Socket connectSocket(int i, Socket socket, HttpHost httpHost, InetSocketAddress inetSocketAddress, InetSocketAddress inetSocketAddress2, HttpContext httpContext) throws IOException {
            SSLSocket sSLSocket = (SSLSocket) (socket != null ? socket : createSocket(httpContext));
            if (inetSocketAddress2 != null) {
                sSLSocket.bind(inetSocketAddress2);
            }
            sSLSocket.connect(inetSocketAddress, i);
            return sSLSocket;
        }

        private SSLContext getSSLContext() throws IOException {
            if (this.sslcontext == null) {
                this.sslcontext = createSSLContext();
            }
            return this.sslcontext;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/amazonaws/http/apache/client/impl/ApacheConnectionManagerFactory$TrustingX509TrustManager.class */
    public static class TrustingX509TrustManager implements X509TrustManager {
        private static final X509Certificate[] X509_CERTIFICATES = new X509Certificate[0];

        private TrustingX509TrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return X509_CERTIFICATES;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // com.amazonaws.http.client.ConnectionManagerFactory
    public HttpClientConnectionManager create(HttpClientSettings httpClientSettings) {
        PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager(createSocketFactoryRegistry(getPreferredSocketFactory(httpClientSettings)), null, DefaultSchemePortResolver.INSTANCE, new DelegatingDnsResolver(httpClientSettings.getDnsResolver()), httpClientSettings.getConnectionPoolTTL(), TimeUnit.MILLISECONDS);
        poolingHttpClientConnectionManager.setDefaultMaxPerRoute(httpClientSettings.getMaxConnections());
        poolingHttpClientConnectionManager.setMaxTotal(httpClientSettings.getMaxConnections());
        poolingHttpClientConnectionManager.setDefaultSocketConfig(buildSocketConfig(httpClientSettings));
        poolingHttpClientConnectionManager.setDefaultConnectionConfig(buildConnectionConfig(httpClientSettings));
        return poolingHttpClientConnectionManager;
    }

    private ConnectionSocketFactory getPreferredSocketFactory(HttpClientSettings httpClientSettings) {
        ConnectionSocketFactory sslSocketFactory = httpClientSettings.getApacheHttpClientConfig().getSslSocketFactory();
        return sslSocketFactory != null ? sslSocketFactory : new SdkTLSSocketFactory(SdkSSLContext.getPreferredSSLContext(httpClientSettings.getSecureRandom()), getHostNameVerifier(httpClientSettings));
    }

    private SocketConfig buildSocketConfig(HttpClientSettings httpClientSettings) {
        return SocketConfig.custom().setSoKeepAlive(httpClientSettings.useTcpKeepAlive()).setSoTimeout(httpClientSettings.getSocketTimeout()).setTcpNoDelay(true).build();
    }

    private ConnectionConfig buildConnectionConfig(HttpClientSettings httpClientSettings) {
        int max = Math.max(httpClientSettings.getSocketBufferSize()[0], httpClientSettings.getSocketBufferSize()[1]);
        if (max <= 0) {
            return null;
        }
        return ConnectionConfig.custom().setBufferSize(max).build();
    }

    private HostnameVerifier getHostNameVerifier(HttpClientSettings httpClientSettings) {
        return httpClientSettings.useBrowserCompatibleHostNameVerifier() ? SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER : SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER;
    }

    private Registry<ConnectionSocketFactory> createSocketFactoryRegistry(ConnectionSocketFactory connectionSocketFactory) {
        if (SDKGlobalConfiguration.isCertCheckingDisabled()) {
            if (this.LOG.isWarnEnabled()) {
                this.LOG.warn("SSL Certificate checking for endpoints has been explicitly disabled.");
            }
            connectionSocketFactory = new TrustingSocketFactory();
        }
        return RegistryBuilder.create().register(HttpHost.DEFAULT_SCHEME_NAME, PlainConnectionSocketFactory.getSocketFactory()).register("https", connectionSocketFactory).build();
    }
}
